Closed LilahTovMoon closed 3 years ago
almarklein
commented
3 years ago This also means that people not using latest will have their builds going much slower :P Can we make this smarter (e.g. detect when the FROM has "latest" in it) or configurable? What do you think?
For some deployments, I use a pre-build image on the server itself, so that all my whole env is "pinned". I think the -pull has no effect there, but I should double-check that.
LilahTovMoon
commented
3 years ago I don't think it means that people not using latest will have their builds go much slower (depending on one's definition of "much slower").
It seems to check the sha of the docker image being pulled and if it already has it, then it just uses what it has. This does add some latency. A docker build . takes around 300-700ms for me while a docker build --pull . takes 500-1100ms. Longer, but also like a second. It is "much slower" in some ways given that it might be 2x longer. I don't know if you were worried about that or that it would re-download the image even if nothing had changed.
If there is an updated image, it does download and then it does take significantly longer (around 8 seconds for a ~40MB image for me).
I guess the question is whether something like FROM traefik/traefik:2.4 should pull a new version when there's a newer 2.4 Traefik. Would someone expect that? Would someone say FROM traefik/traefik:2.4.7 if they were expecting to remain on the same patch version?
I could make it check for a "latest" (maybe just looking for FROM lines that contain :latest), but I'm not sure if your concern was that it would re-download the image every time (even if it didn't need to) or whether the latency of looking up the sha of the image would also want to be avoided.
almarklein
commented
3 years ago No I was worried about the image getting downloaded every time, but since this is not the case, let's just merge this! If it turns out to make things significantly slower or something, we can always make the solution more complex then ;)
almarklein
commented
2 years ago I think the -pull has no effect there, but I should double-check that.
I did not check that, and I was just punished for this :D - it turns out that using --pull breaks the build when the FROM refers to an image on the same machine.
I fixed this by only adding the --pull flag when FROM refers to something:latest, see #33
This is important if the deploy is using a pre-built image where you're using the "latest" tag and want it to fetch the latest version rather than re-deploying what it has.
As the deploy docs note, a simple dockerfile like
FROM registry.example.com/your/image:tagcan let you deploy a pre-built image, but if you're using the "latest" tag,docker buildwon't re-fetch the image without--pull.https://github.com/almarklein/mypaas/blob/main/docs/deploying.md#pushing-a-deployment